Bytefreaks.net – a place for hacks

Bytefreaks.net – a place for hacks

Daily Archives: 22 February 2017

Like many people, we use Jenkins to perform several tasks automatically.Jenkins is an open source automation server, it provides hundreds of plugins to support building, deploying and automating any project.

One of the features of Jenkins is the option to send an email to the user under certain circumstances, e.g. after a build was complete.
The default layout of those emails is not so pretty, so we did some changes to it. Note: below we present how to make the changes apply to the whole system, if you do not want to do that, you could apply these changes to individual projects only.

Using an administrative account, click on Manage Jenkins option on the left menu and in the new screen click on Configure System on the right column.
These actions will take you to the configuration page of your Jenkins installation (e.g. http://jenkins:8080/configure).

Scroll down to the category Extended E-mail Notification.

From the drop down menu, change the value of Default Content Type to HTML (text/html).

Update the value of Default Subject to [$BUILD_STATUS] - $PROJECT_NAME - Build # $BUILD_NUMBER ($BUILD_ID). We prefer to have the build status first (like a tag).

The email you will receive after a successful execution will be similar to the one below:

Subject: [Successful] - banana - Build # 77 (77)
Body:

Press the Apply button to save the changes.

You will notice that in the email we mention the following: If you cannot connect to the build server, check the attached logs..
To enable the option to attach the logs, you need to configure your project itself.
Select your project from the main screen and then click on Configure on the left column.

The following code has two threads.
The main thread spawns a pthread and then blocks on a condition waiting for a signal from the pthread.
The pthread will perform its task and then signal the main thread.
Once the main thread receives its signal, it will join the pthread and terminate.

#include <stdio.h>
#include <sys/types.h>
#include <pthread.h>
#include <asm/errno.h>
#define MAX_WAIT_TIME_IN_SECONDS (6)
struct thread_info_t
{
// Used to identify a thread.
pthread_t thread_id;
// A condition is a synchronization device that allows threads to suspend execution and relinquish the processors until some predicate on shared data is satisfied.
// The basic operations on conditions are: signal the condition (when the predicate becomes true), and wait for the condition, suspending the thread execution until another thread signals the condition.
pthread_cond_t condition;
// A mutex is a MUTual EXclusion device, and is useful for protecting shared data structures from concurrent modifications, and implementing critical sections and monitors.
// A mutex has two possible states: unlocked (not owned by any thread), and locked (owned by one thread).
// A mutex can never be owned by two different threads simultaneously.
// A thread attempting to lock a mutex that is already locked by another thread is suspended until the owning thread unlocks the mutex first.
pthread_mutex_t mutex;
};
void error_pthread_mutex_unlock(const int unlock_rv)
{
fprintf(stderr, "Failed to unlock mutex.\n");
switch (unlock_rv)
{
case EINVAL:
fprintf(stderr, "The value specified by mutex does not refer to an initialized mutex object.\n");
break;
case EAGAIN:
fprintf(stderr, "The mutex could not be acquired because the maximum number of recursive locks for mutex has been exceeded.\n");
break;
case EPERM:
fprintf(stderr, "The current thread does not own the mutex.\n");
break;
default:
break;
}
}
void error_pthread_mutex_lock(const int lock_rv)
{
fprintf(stderr, "Failed to lock mutex.\n");
switch (lock_rv)
{
case EINVAL:
fprintf(stderr, "The value specified by mutex does not refer to an initialized mutex object or the mutex was created with the protocol attribute having the value PTHREAD_PRIO_PROTECT and the calling thread's priority is higher than the mutex's current priority ceiling.\n");
break;
case EAGAIN:
fprintf(stderr, "The mutex could not be acquired because the maximum number of recursive locks for mutex has been exceeded.\n");
break;
case EDEADLK:
fprintf(stderr, "A deadlock condition was detected or the current thread already owns the mutex.\n");
break;
default:
break;
}
}
void error_pthread_cond_signal(const int signal_rv)
{
fprintf(stderr, "Could not signal.\n");
if (signal_rv == EINVAL)
{
fprintf(stderr, "The value cond does not refer to an initialised condition variable.\n");
}
}
void error_pthread_setcanceltype(const int setcanceltype_rv)
{
fprintf(stderr, "Could not change cancelability type of thread.\n");
if (setcanceltype_rv == EINVAL)
{
fprintf(stderr, "Invalid value for type.\n");
}
}
void error_pthread_create(const int create_rv)
{
fprintf(stderr, "Could not create thread.\n");
switch (create_rv)
{
case EAGAIN:
fprintf(stderr, "Insufficient resources to create another thread or a system-imposed limit on the number of threads was encountered.\n");
break;
case EINVAL:
fprintf(stderr, "Invalid settings in attr.\n");
break;
case EPERM:
fprintf(stderr, "No permission to set the scheduling policy and parameters specified in attr.\n");
break;
default:
break;
}
}
void error_pthread_cond_timedwait(const int timed_wait_rv)
{
fprintf(stderr, "Conditional timed wait, failed.\n");
switch (timed_wait_rv)
{
case ETIMEDOUT:
fprintf(stderr, "The time specified by abstime to pthread_cond_timedwait() has passed.\n");
break;
case EINVAL:
fprintf(stderr, "The value specified by abstime, cond or mutex is invalid.\n");
break;
case EPERM:
fprintf(stderr, "The mutex was not owned by the current thread at the time of the call.\n");
break;
default:
break;
}
}
void error_pthread_join(const int join_rv)
{
fprintf(stderr, "Could not join thread.\n");
switch (join_rv)
{
case EINVAL:
fprintf(stderr, "The implementation has detected that the value specified by thread does not refer to a joinable thread.\n");
break;
case ESRCH:
fprintf(stderr, "No thread could be found corresponding to that specified by the given thread ID.\n");
break;
case EDEADLK:
fprintf(stderr, "A deadlock was detected or the value of thread specifies the calling thread.\n");
break;
default:
break;
}
}
void error_clock_gettime(const int gettime_rv)
{
fprintf(stderr, "Could not get time from clock.\n");
switch (gettime_rv)
{
case EFAULT:
fprintf(stderr, "tp points outside the accessible address space.\n");
break;
case EINVAL:
fprintf(stderr, "The clk_id specified is not supported on this system.\n");
break;
case EPERM:
fprintf(stderr, "clock_settime() does not have permission to set the clock indicated.\n");
break;
default:
break;
}
}
// This is the thread that will be called by pthread_create() and it will be executed by the new thread.
void *worker_thread(void *data)
{
// We know that the input data pointer is pointing to a thread_info_t so we are casting it to the right type.
struct thread_info_t *thread_info = (struct thread_info_t *) data;
// We block this thread trying to lock the mutex, this way we will make sure that the parent thread had enough time to call pthread_cond_timedwait().
// When the parent thread calls pthread_cond_timedwait() it will unlock the mutex and this thread will be able to proceed.
const int lock_rv = pthread_mutex_lock(&(thread_info->mutex));
if (lock_rv)
{
error_pthread_mutex_lock(lock_rv);
}
int oldtype;
// The pthread_setcanceltype() sets the cancelability type of the calling thread to the value given in type.
// The previous cancelability type of the thread is returned in the buffer pointed to by oldtype.
// The argument PTHREAD_CANCEL_ASYNCHRONOUS means that the thread can be canceled at any time.
const int setcanceltype_rv = pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldtype);
if (setcanceltype_rv)
{
error_pthread_setcanceltype(setcanceltype_rv);
}
// TODO: This is the place you should implement the functionality that is needed for this thread
// The pthread_cond_signal() call unblocks at least one of the threads that are blocked on the specified condition variable cond (if any threads are blocked on cond).
const int signal_rv = pthread_cond_signal(&(thread_info->condition));
if (signal_rv)
{
error_pthread_cond_signal(signal_rv);
}
// The pthread_mutex_unlock() function shall release the mutex object referenced by mutex.
const int unlock_rv = pthread_mutex_unlock(&(thread_info->mutex));
if (unlock_rv)
{
error_pthread_mutex_unlock(unlock_rv);
}
return NULL;
}
int main()
{
struct thread_info_t thread_info;
pthread_cond_init(&thread_info.condition, NULL);
pthread_mutex_init(&thread_info.mutex, NULL);
const int lock_rv = pthread_mutex_lock(&thread_info.mutex);
if (lock_rv)
{
error_pthread_mutex_lock(lock_rv);
}
const int create_rv = pthread_create(&(thread_info.thread_id), NULL, &worker_thread, (void *) &thread_info);
if (create_rv)
{
error_pthread_create(create_rv);
const int unlock_rv = pthread_mutex_unlock(&thread_info.mutex);
if (unlock_rv)
{
error_pthread_mutex_unlock(unlock_rv);
}
}
else
{
// timespec is a structure holding an interval broken down into seconds and nanoseconds.
struct timespec max_wait = {0, 0};
// The clock_gettime system call has higher precision than its successor the gettimeofday().
// It has the ability to request specific clocks using the clock id.
// It fills in a timespec structure with the seconds and nanosecond count of the time since the Epoch (00:00 1 January, 1970 UTC).
// CLOCK_REALTIME argument represents a system-wide real-time clock. This clock is supported by all implementations and returns the number of seconds and nanoseconds since the Epoch.
const int gettime_rv = clock_gettime(CLOCK_REALTIME, &max_wait);
if (gettime_rv)
{
error_clock_gettime(gettime_rv);
}
max_wait.tv_sec += MAX_WAIT_TIME_IN_SECONDS;
// The pthread_cond_timedwait() function blocks on a condition variable.
// It must be called with a mutex locked by the calling thread or undefined behavior results will occur.
// This function atomically releases the mutex and causes the calling thread to block on the condition variable cond;
// atomically here means "atomically with respect to access by another thread to the mutex and then the condition variable".
// That is, if another thread is able to acquire the mutex after the about-to-block thread has released it, then a subsequent call to pthread_cond_broadcast() or pthread_cond_signal() in that thread shall behave as if it were issued after the about-to-block thread has blocked.
const int timed_wait_rv = pthread_cond_timedwait(&thread_info.condition, &thread_info.mutex, &max_wait);
if (timed_wait_rv)
{
error_pthread_cond_timedwait(timed_wait_rv);
}
// The pthread_join() function suspends execution of the calling thread until the target thread terminates, unless the target thread has already terminated.
const int join_rv = pthread_join(thread_info.thread_id, NULL);
if (join_rv)
{
error_pthread_join(join_rv);
}
}
return 0;
}

Our Jenkins setup has a lot of cool features and configuration.
It has ‘project-based security’, it has parametrized projects, multiple source code management blocks per project and fairly extensive tests implemented with several build steps.
Of course, we do not want to lose them, so we make backups often.
The commands we use for the backup are the following.

In backup_folder="$HOME/jenkins/`date +%F`"; we used the $HOME variable instead of the tilde ~ as this would create a folder in the current directory called ~ instead of creating a new folder called jenkins in the home directory.

(cd "$jenkins_folder"/jobs/; find . -mindepth 3 -type d -regex '.*/[0-9]*$' -print) navigates to the directory of jenkins before performing the search, this way the result file names will be relative to the installation location which we need later to pass to rsync.
Then we search for all folders which their name is numeric and they at least on depth 3. We filter by depth as well to avoid matching folders directly in the jobs folder.

sed 's|./|jobs/|' replaces the prefix ./ with jobs/ to match the relative path from where rsync will work from

sudo rsync --archive --exclude 'workspace/*' --exclude-from=- "$jenkins_folder" "$backup_folder"; it will copy everything from $jenkins_folder to the folder $backup_folder while excluding the data in workspace and the folders matched from find (the job build folders).--exclude-from=- instructs rsync to read from stdin the list of files to exclude.

Using the parameter -l (or --listening) it will show only listening sockets/ports (which are omitted by default.).--numeric-ports shows numerical port numbers but does not affect the resolution of host or user names (e.g. instead of showing the name ssh, it will show the value 22).

We used netstat using the following syntax to check which sockets/ports are open on the current machine:

Check a specific port if it is open from a remote machine

In case you want to check a specific port if it is open from a remote machine, you can use nmap.
Using nmap to scan specific ports allows you to check if a remote machine appears to have open ports available to you.nmap is a network exploration tool and security / port scanner.

The following example checks ports 80 and 8080 on 192.168.1.199 if they are open.

From this information we got the hash value in front of the commit which we wanted to use to restore, which was 271f0084.

Then, we checked out that version using

git checkout 271f0084;

When we tried to push the branch back to the server the Git pre commit hooks blocked the operation.
Based on the rsa key used, we could only submit changes that were committed by the owner of that key.
The option to disable temporarily the pre commit hooks was unfortunately out of the question. So we had to replace all author names and emails with the name of the one holding the key.

To do so we used the following command before pushing to the server once more:

git filter-branch lets you rewrite Git revision history by rewriting the branches mentioned, in our case it was HEAD, applying custom filters on each revision. Those filters can modify each tree (e.g. removing a file or running a perl rewrite on all files) or information about each commit. Otherwise, all information (including original commit times or merge information) will be preserved.

HEAD is a reference to the currently checked out commit. In normal states, it’s actually a symbolic reference to the branch you have checked out.
Looking at the contents of .git/HEAD you’ll see something similar to ref: refs/heads/master.
The branch itself is a reference to the commit at the tip of the branch.

The following two examples demonstrate the use of bit fields to reduce memory consumption of certain applications.

In the first example we create a compressed ‘bit’ struct and on the second we create a weird struct representation for bytes to show that the size of that struct is significantly less that the original one.

Recently, we needed to filter the results of ps x using two different patterns.
The first pattern was ./ where we needed to match that exact character sequence.
The . period character is treated as a special character in regular expressions (it matches a single character of any value, except for the end of line), so we decided to use the -F parameter to remove this special handling.
Doing this change prevented us from writing a regular expression that uses the OR | operator.

-F (or --fixed-strings) is a matching control option that instructs grep to interpret the patterns as a list of fixed strings (instead of regular expressions), separated by newlines, any of which is to be matched.
We tried assigning the different patterns as different lines to a variable and then using them on the pipe, like in the following example:

patterns="./
banana";
ps x | grep -F $patterns;

..but it failed.

Solution

grep supports a matching control option -e that allows us to define multiple patterns using different strings.

-e PATTERN (or --regexp=PATTERN) uses the value PATTERN as the pattern. If this option is used multiple times or it is combined with the -f (--file) option, grep will search for all patterns given.

In the end, our command was transformed to the following, which worked just fine!